~mdw / distorted-letsencrypt / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
bin/: Fix preamble to handle invocation through a symlink.
[distorted-letsencrypt] / bin / make-cert
1 #! /bin/sh
2 set -e
3 usage=" TAG"
4 prog=$(readlink -e "$0")
5 . "${prog%/*}/../config.sh"
6 . "$home/lib/lib.sh"
7
8 run_as_user "$@"
9
10 ## Pick out the certificate tag.
11 case $# in 0) fail_usage ;; esac
12 tag=$1; shift
13 case $# in 0) ;; *) fail_usage ;; esac
14
15 prepare_tmp $tag
16
17 ## Get started.
18 cert=$home/cert/$tag
19 cd $cert
20 openssl req -in req -out $tmp/req.der -outform der
21 sans=$(openssl req -in req -text -noout |
22 sed -n '
23 x
24 /^ *X509v3 Subject Alternative Name: $/ {
25 x
26 s/ *DNS://g
27 s/,/ /g
28 p
29 x
30 }')
31 make_le_conf $sans
32
33 cd $tmp
34 $home/letsencrypt/letsencrypt-auto -c "$tmp/le.conf" --text \
35 -a webroot --csr $tmp/req.der certonly
36
37 cd $cert
38 cat $tmp/0001_chain.pem $home/le-root.cert >full-chain.new
39 mv full-chain.new full-chain
Wrapping around the EFF LetsEncrypt client.